Bug in csh (history, "!a%100s"). Report and Fix.

Michael Greim greim at sbsvax.UUCP
Thu Jul 6 23:49:36 AEST 1989


In article <113630 at sun.Eng.Sun.COM>, argv%eureka at Sun.COM (Dan Heller) writes:
> Why are people so stuck on using printf?  Michael Greim finds a bug
> in csh because it misuses printf, yet the fix (altho it works) continues
> to use printf -- I have nothing against using printf, but this is a very
> costly function when you compare it to something like fputs or puts.
> (Have you ever seen the source to printf()?)  But more importantly, it
> causes severe bugs with programs that are sometimes hard to trace.
1.) I did not find the bug in printf, Robert Cousins did. I rather found
	a fix for it.
2.) Yes stdio's printf is very costly, but ...
3.) ... csh uses its own printf. In fact, printf just calls _doprnt.
	_doprnt calls strout to emit parts of its stuff, which in turn calls
	putchar. There is no puts or fputs.
4.) Of course I could have used putchar. But for the strings I would
	have needed a loop -> more code, and error messages occur fairly seldom,
	so there is not much gain in trying to save some microseconds by taking the
	shortcut for the calling sequence.
5.) _doprnt is written in VAX assembler. So on other machines it must either
	be rewritten in the appropriate assembler, or a C implementation of printf
	must be used.
	There might not even be a putchar available after all.
	In my test version I use the C printf from vi.
6.) Yes, I have seen the innards of printf. In my own programs I try to
	avoid printf (and scanf) if possible. (See "strings", recently published
	in comp.sources.misc)

> Now don't get me wrong, I realize that this is a trivial "simple" thing
> that one might say, "give me a break."  But the fact that people are not
> as conscientious about how printf is used is the reason that the bugs
> recently found in csh are created.  A much more important bug that I've
> found as a result of the same errors is when programs write out data to
> files using fprintf.  As soon as there is a %s in the data written, you
> just created a junk file.  And this is also the type of bug that doesn't
Normally one gets a core dump fairly quickly.
How can you create a file using
	fprintf ("%s", n);
? (Which is what I think you are writing about)
And then there is lint ...

	-mg
-- 
Michael Greim    Email : greim at sbsvax.informatik.uni-saarland.dbp.de
                 or    : ...!uunet!unido!sbsvax!greim
[.signature removed by the board of censors for electronic mail's main
executive computer because it contained a four letter word ("word")]
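Added example, not from Greim's post, the quoted reply, or the csh source: the C below shows the two patterns the thread argues about, user text passed as a printf format versus passed as a `%s` argument (or written with `fputs`, which takes no format at all). The event text `a%100s` is taken from the title's `!a%100s`; the function names, the "Event not found." wording and the lint-style `has_conversion` check are assumptions constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/*
 * Constructed example. The csh history bug arose from passing user text
 * (the history reference "!a%100s") where printf expects a FORMAT, so the
 * '%' inside the data was read as a conversion. The fix discussed in the
 * thread keeps the format a constant literal and passes the data as an
 * argument, or avoids a format entirely with fputs/putchar.
 */

/* Does `s` contain a '%' that printf would treat as a conversion if `s`
 * were misused as a format? "%%" is a literal percent and is skipped.
 * Intended as a cheap check on any string that is about to become a format. */
static bool has_conversion(const char *s)
{
    for (const char *p = s; *p != '\0'; p++) {
        if (*p == '%') {
            if (p[1] == '%') {      /* "%%" prints a single '%' */
                p++;
                continue;
            }
            return true;            /* '%' followed by anything else */
        }
    }
    return false;
}

/* Safe rendering of an error message: the format is a string literal and
 * the user-controlled event text is only ever a %s argument, so "a%100s"
 * comes out verbatim. Returns the snprintf length so truncation is visible. */
static int render_not_found(char *out, size_t outsz, const char *event)
{
    /* Hypothetical wording, modelled on csh's message (assumption). */
    return snprintf(out, outsz, "%s: Event not found.", event);
}

/* Safe way to write user-supplied data to a file: fputs has no format,
 * so a '%' in the data cannot be interpreted. Returns 0 on success. */
static int write_data(FILE *fp, const char *data)
{
    return fputs(data, fp) == EOF ? -1 : 0;
}

int main(void)
{
    const char *event = "a%100s";   /* constructed: the text after '!' in "!a%100s" */
    char msg[64];

    if (has_conversion(event))
        fputs("note: data contains a conversion; it must not be used as a format\n", stderr);

    render_not_found(msg, sizeof msg, event);
    fputs(msg, stdout);             /* prints: a%100s: Event not found. */
    fputc('\n', stdout);
    return write_data(stdout, "100% done\n");
}
```

Running `has_conversion` over error-message arguments at the call sites where a program builds its own format is the kind of check lint would not do for you in 1989; today a compiler warning for a non-literal format serves the same purpose.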